Computer systems often contain valuable and/or sensitive information, control access to such information, or play an integral role in securing physical locations and assets. The security of information, assets and locations is only as good as the weakest link in the security chain, so it is important that computers reliably be able to distinguish authorized personnel from impostors. In the past, computer security has largely depended on secret passwords. Unfortunately, users often choose passwords that are easy to guess or that are simple enough to determine via exhaustive search or other means. When passwords of greater complexity are assigned, users may find them hard to remember, so may write them down, thus creating a new, different security vulnerability.
In some cases, computer systems use authentication systems to protect resources, such as documents and data, and accurately identify the creator of the resource. For example, a message (i.e., a written instrument or electronic document) created by an individual can be marked by a digital version of a hand written signature, or protected by a password or a personal identification number (PIN) in order to identify the author of the message or control access to its contents. In some electronic computing devices or computer systems, the signature, PIN or password of the person authorized to access the resource (or a message creator) is stored in a central memory or in storage media that is part of the computer system. When a user desires to read the protected message, the user enters the appropriate signature, password or PIN using an input device (e.g., a keyboard, touchpad or the like). The computer system compares the signature, password or PIN that is entered using the input device with the stored signature, password or PIN associated with the message to be accessed and determines whether to allow the message to be displayed or accessed.
Various approaches have been tried to improve the security of computer systems including authentication systems that rely on unique physical characteristics of users to identify authorized users. For example, fingerprints, voice patterns and retinal images have all been used with some success. However, these systems usually require special and/or additional hardware to implement (e.g. fingerprint or retinal cameras; audio input facilities). Moreover, these systems may require an undesirable amount of time to setup or to generate an original pattern for use when authenticating the user. Therefore, there is a need for an authentication process that uses unique physical characteristics of users, without requiring additional or special hardware, and without requiring additional time.